IN THE CLAIMS : 

Please AMEND claims 1-2, 4, and 6-19; and 
Please ADD claims 20-21, as shown below. 

1 . (Currently Amended) A method for strong auth e ntication achiev e d in a single 
round trip , comprising: 

sending a random number to a mobile node, wherein the random number is 
generated local to the mobile node, wherein the random number is generated by a base 
station; 

generating a mobile node signature using the mobile node, wherein the mobile 
node signature is generated using the random number; 

authenticating the mobile node to a network, wherein the network is a 
GPRS general packet radio service network; and 

authenticating the network to the mobile node a 

wherein the authenticating the mobile node to the network and the authenticating 
the network to the mobile node is performed in a single round trip while the mobile node 
is roaming . 

2. (Currently Amended) The method of claim 1, wherein authenticating the mobile 
node to the network^ further comprises 

sending the mobile node signature to an authentication server-^and 
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verifying, by the authentication server, the mobile node signature. 
3. (Cancelled) 



4. (Currently Amended) The method of claim 21, wherein authenticating the 
network to the mobile node, further comprises 

generating an authentication signature by the authentication server; and 
sending the authentication signature to the mobile node. 

5. (Previously Presented) The method of claim 4, further comprising: 
verifying, by the mobile node, the authentication signature. 

6. (Currently Amended) The method of claim §1, wherein the authentication 
server is a home authentication serve r (AAAH) . 

7. (Currently Amended) The method of claim 6, wherein sending the mobile node 
signature to the home authentication server AAAH, further comprises 

sending the mobile node signature to a local authentication serve r (AAAF) , 
wherein local authentication server AAAF is located in a foreign domain and forwards the 
signature to the home authentication server AAAH, 
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8. (Currently Amended) The method of claim 7, further comprising: 
determining when the mobile node signature is not verified, and when the mobile 

node signature is not verified ending the strong authentication. 

9. (Currently Amended) The method of claim 8, further comprising 
determining when the authentication signature is not verified, and when the 

authentication signature is not verified ending the strong authentication. 

10. (Currently Amended) A system for strong authentication achieved in a singl e 
round trip b e tween a mobil e node and a network , comprising: 

a mobile node that is configured to generate a mobile node signature in response to 
a random number received from a source within a domain local to a current position 
relating to the mobile node and send the mobile node signature to be verified, wherein the 
random number is generated by a base station; 

the authentication server located within a home domain associated with the mobile 
node that is configured to receive the mobile node signature, verify the mobile node 
signature, and in response to the verification of the mobile node signature that indicates 
that the mobile node is verified to the-anetwork, wherein the network is a GPRS general 
packet radio service network, return an authentication signature to the mobile node a 
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wherein the verification of the mobile node by the authentication server and 
verification of the authentication signature by the mobile node is performed in a single 
round trip while the mobile node is roaming . 

11. (Currently Amended) The system of claim 10, wherein the source comprises a 
the base station, wherein the base station is within the domain local to the mobile node 
and is configured to generate the random number and send the random number to the 
mobile node. 

12. (Currently Amended) The system of claim 10, further comprising: wherein the 
mobile node is configured to verify the authentication signature, and A i£ when the 
authentication signature is verified^ to authenticating authenticate the network to the 
mobile node. 

13. (Currently Amended) The system of claim 1 1, further comprising: wherein the 
mobile node is configured to verify the authentication signature, and A i£ when the 
authentication signature is verified,, to_ auth o ntioating authenticate the network to the 
mobile node. 

14. (Currently Amended) The system of claim 4^10, wherein the authentication 
server is a home authentication serve r (A A AH) . 
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15. (Currently Amended) The system of claim 14, wherein sending the mobil e 
nod e signature to b o v e rified, farth e r compris e s the mobile node is configured to send the 
mobile node signature to a local authentication serve r (AAAF) , and the local 
authentication server AAAP is configured to forward the signature to the AAAH home 
authentication server . 

16. (Currently Amended) The system of claim 15, wherein the home 
authentication server AAAH is farther configured to send the authentication signature to 
the local authentication server AAAR wherein the local authentication server AAAF is 
arrangod configured to send the authentication signature to the mobile node. 

17. (Currently Amended) The system of claim 16, wherein the home 
authentication server AAAH is farther configured to determine when the mobile node 
signature is not verified, and A when the mobile node signature is not verified , to end the 
strong authentication. 

18. (Currently Amended) The system of claim 17, wherein the mobile node is 
farther configured to determine when the authentication signature is not verified, and,, 
when the authentication signature is not verified , to end the strong authentication. 
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19. (Currently Amended) A system for strong authentication b e tw ee n a mobil e 
nod e and a n e twork , comprising: 

a base station for generating a random number local to the mobile node; 

a means for sending the random number to the mobile node 

a means for generating a mobile node signature using the mobile node, wherein 
the mobile node signature is generated using the random number; 

a means for sending the mobile node signature to an authentication server within a 
GPRS general packet radio service network, and 

verifying by the authentication the mobile node signature; and in response to the 
verifying, generating an authentication signature and sending the authentication signature 
to the mobile node for verification^ 

wherein the verification of the mobile node bv the authentication server and 
verification of the authentication signature by the mobile node is performed in a single 
round trip while the mobile node is roaming . 

20. (New) A base station, comprising: 

a random number generation unit configured to generate a random number; 

a transmission unit configured to send the random number to a mobile node that is 
roaming and is connected to the base station; 

a reception unit configured to receive a mobile node signature generated by the 
mobile node using the random number; 
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an authentication unit configured to authenticate the mobile node to a network by 
communicating with an authentication server, wherein the network is a general packet 
radio service network; and 

a provision unit configured to provide an authentication signature to the mobile 

node, 

wherein the authenticating the mobile node to the network and the providing the 
authentication signature to the mobile node is performed in a single round trip. 

21. (New) A base station, comprising: 

random number generation means for generating a random number; 

transmission means for sending the random number to a mobile node that is 
roaming and is connected to the base station; 

reception means for receiving a mobile node signature generated by the mobile 
node using the random number; 

authentication means for authenticating the mobile node to a network by 
communicating with an authentication server, wherein the network is a general packet 
radio service network; and 

provision means for providing an authentication signature to the mobile node, 

wherein the authenticating the mobile node to the network and the providing the 
authentication signature to the mobile node is performed in a single round trip. 
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